Описание
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
A flaw was found in HashiCorp Vault and Vault Enterprise, where the transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using the transit secrets engine without convergent encryption.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Openshift Container Storage 4 | ocs4/cephcsi-rhel8 | Out of support scope | ||
| Red Hat Openshift Container Storage 4 | ocs4/mcg-rhel8-operator | Out of support scope | ||
| Red Hat Openshift Container Storage 4 | ocs4/ocs-must-gather-rhel8 | Out of support scope | ||
| Red Hat Openshift Container Storage 4 | ocs4/ocs-rhel8-operator | Out of support scope | ||
| Red Hat Openshift Container Storage 4 | ocs4/rook-ceph-rhel8-operator | Out of support scope | ||
| Red Hat Openshift Data Foundation 4 | odf4/cephcsi-rhel9 | Out of support scope | ||
| Red Hat Openshift Data Foundation 4 | odf4/mcg-cli-rhel9 | Out of support scope | ||
| Red Hat Openshift Data Foundation 4 | odf4/mcg-rhel9-operator | Out of support scope | ||
| Red Hat Openshift Data Foundation 4 | odf4/ocs-metrics-exporter-rhel9 | Out of support scope | ||
| Red Hat Openshift Data Foundation 4 | odf4/ocs-must-gather-rhel8 | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
6.8 Medium
CVSS3
Связанные уязвимости
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
HashiCorp Vault Improper Input Validation vulnerability
Уязвимость платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, связанная с неправильной проверкой входных данных, позволяющая нарушителю задавать произвольные случайные значения (нонсы) при отключённой конвергентной криптографии
EPSS
6.8 Medium
CVSS3